Microsoft Official Exam Center New Released 70-640 Dumps Questions, Many New Questions added into it! Braindump2go Offer Free Sample Questions and Answers for Download Now! Visit Our Webiste, get the new updated Questions then pass Microsoft 70-640 at the first try!

QUESTION 481You are the systems administrator for a medium-sized Active Directory domain. Currently, the environment supports many different domain controllers, some of which are running Windows NT 4 and others that are running Windows 2003 and Server 2008 R2. When you are running domain controllers in this type of environment, which of the following types of groups can you not use? (Choose Two)

Answer: ADExplanation:http://support.microsoft.com/kb/231273Group Type and Scope Usage in WindowsWindows 2000 and later extends the Microsoft Windows NT 4.0 concept of user groups by adding Universal and Distribution groups. In Windows NT 4.0, there are only Global and Local groups, and both are considered Security groups.

QUESTION 482You are the network administrator for an organization that has all Windows Server 2008 R2 domain controllers.You need to capture all replication errors that occur between all domain controllers.What should you do?

Answer: CExplanation:http://technet.microsoft.com/en-us/library/cc748890.aspxConfigure Computers to Forward and Collect EventsBefore you can create a subscription to collect events on a computer, you must configure both the collecting computer (collector) and each computer from which events will be collected (source).http://technet.microsoft.com/en-us/library/cc749183.aspxEvent SubscriptionsEvent Viewer enables you to view events on a single remote computer. However, troubleshooting an issue might require you to examine a set of events stored in multiple logs on multiple computers.Windows Vista includes the ability to collect copies of events from multiple remote computers and store them locally. To specify which events to collect, you create an event subscription. Among other details, the subscription specifies exactly which events will be collected and in which log they will be stored locally. Once a subscription is active and events are being collected, you can view and manipulate these forwarded events as you would any other locally stored events.Using the event collecting feature requires that you configure both the forwarding and the collecting computers.The functionality depends on the Windows Remote Management (WinRM) service and the Windows Event Collector (Wecsvc) service. Both of these services must be running on computers participating in the forwarding and collecting process.http://technet.microsoft.com/en-us/library/cc961808.aspx

QUESTION 483You are one of two network administrators for your organization. Your IT partner does most of the work in Active Directory.While working in Active Directory, your partner accidently deleted a user from the Sales OU. You recover the user from tape backup but you want to help prevent this from happening again inthe future.What can you do?

A. Enable the Active Directory Recycle Bin.B. Use ADSI Edit to restore the user.C. Take away all rights from the other administrator.D. Use the Directory Services Restore Mode Lockout command.

QUESTION 484What is the maximum number of domains that a Windows Server 2008 R2 computer, configured as a domain controller, may participate in at one time?

A. ZeroB. OneC. TwoD. Any number of domains

Answer: B

QUESTION 485You are the systems administrator of a large organization that has recently implemented Windows Server 2008 R2. You have a few remote sites that do not have very tight security.You have decided to implement read-only domain controllers (RODC). What forest functional levels does the network need for you to do the install? (Choose Three)

A. Windows 2000 MixedB. Windows 2008 R2C. Windows 2003D. Windows 2008

Answer: BCDExplanation:http://technet.microsoft.com/en-us/library/cc731243%28v=ws.10%29.aspxPrerequisites for Deploying an RODCEnsure that the forest functional level is Windows Server 2003 or higher.Deploy at least one writable domain controller running Windows Server 2008 or Windows Server 2008 R2 in the same domain as the RODC and ensure that the writable domain controller is also a DNS server that has registered a name server (NS) resource record for the relevant DNS zone. An RODC must replicate domain updates from a writable domain controller running Windows Server 2008 or Windows Server 2008 R2.

QUESTION 487ABC.com has a network that consists of a single Active Directory domain.Windows Server 2008 is installed on all domain controllers in the network. You are instructed to capture all replication errors from all domain controllers to a central location.What should you do to achieve this task?

QUESTION 488Your network contains an Active Directory forest. The forest contains two domains named contoso.com and east.contoso.com. The contoso.com domain contains a domain controller named DC1. The east.contoso.com domain contains a domain controller named DC2. DC1 and DC2 have the DNS Server server role installed.You need to create a DNS zone that is available on DC1 and DC2. The solution must ensure that zone transfers are encrypted.What should you do?

A. Create a primary zone on DC1 and store the zone in DC=Contoso, DC=com naming context. Create a secondary zone on DC2 and select DC1 as the master.B. Create a primary zone on DC1 and store the zone in a zone file. Configure Encrypting File System (EFS) encryption. Create a secondary zone on DC2 and select DC1 as the master.C. Create a primary zone on DC1 and store the zone in a zone file. Configure IPSec on DC1 and DC2.Create a secondary zone on DC2 and select DC1 as the master.D. Create a primary zone on DC1 and store the zone in a zone file. Configure DNSSEC for the zone.Create a secondary zone on DC2 and select DC1 as the master.

Answer: C

QUESTION 489You are hired as a consultant by ABC Corporation to implement a Windows Server 2008 R2 computer onto their Windows Server 2003 domain. All of the client machines are Windows 7. You install Windows Server 2008 R2 onto a new computer and join that computer to the Windows 2003 domain.You want to upgrade the Windows Server 2008 R2 to a domain controller.What should you do first

A. On the new server, run adprep /domainprep.B. On the new server, run adprep /forestprep.C. On a Windows Server 2003 domain controller, run adprep /domainprep.D. On a Windows Server 2003 domain controller, run adprep /forestprep.

Answer: D

QUESTION 490You are the network administrator for your organization. Your company uses a Windows Server 2008 R2 Enterprise Root CA. The company has issued a new policy that prevents port 443 and port 80 from being opened on domain controllers and on issuing CAs.Your users need to request certificates from a web interface.You have already installed the AD CS role.What do you need to do next?

A. Configure the Certificate Authority Web Enrollment Service on a member server.B. Configure the Certificate Authority Web Enrollment Service on a domain server.C. Configure AD FS on member server to allow secure web-based access.D. Configure AD FS on domain controller to allow secure web-based access.

Answer: AExplanation:http://technet.microsoft.com/en-us/library/dd759209.aspxCertificate Enrollment Web Service OverviewThe Certificate Enrollment Web Service is an Active Directory Certificate Services (AD CS) role service that enables users and computers to perform certificate enrollment by using the HTTPS protocol. Together with the Certificate Enrollment Policy Web Service, this enables policy-based certificate enrollment when the client computer is not a member of a domain or when a domain member is not connected to the domain.Personal note:Since domain controllers are off-limits (regarding open ports), you are left to install the Certificate Enrollment Web Service role service on a plain member server

Braindump2go New Released Premium 70-640 Exam Dumps Guarantee You a 100% Exam Success Or We Promise Full Money Back! Download Microsoft 70-640 Exam Dumps Full Version From Braindump2go Instantly!